Formal verification of secure information flow in cloud computing

Zeng, Wen; Koutny, Maciej; Watson, Paul; Germanos, Vasileios

doi:10.1016/j.jisa.2016.03.002

Cited by 15 publications

(13 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The number of users who share password to open protected document is the measure of the application risks of the DRM product. For cloud computing systems, the value of opacity or diagnosability is the measure of information flow security after implementing security policies in the systems . Information on choosing and defining security metrics can be found in previous publications…”

Section: Methodsmentioning

confidence: 99%

“…However, the security metrics which were introduced in these studies focused on the adversary profile, they did not consider the implementation of information security technologies in the systems. In more works, [24][25][26] the authors mentioned that we should consider the cost and benefit of implementing information security policies in cloud computing systems and introduced security metrics to analyze the effect of security policies; however, they did not have a procedure to evaluate the benefit and cost of implementing information security policies.The primary objective of this study is, therefore, to establish a standard procedure for organizations to conduct cost-benefit analyses for information security technologies using stochastic models. This procedure applies the concept of security metrics and stochastic Petri nets to simulate the business processes and human behavior involved in the information security technologies.…”

mentioning

confidence: 99%

“…For cloud computing systems, the value of opacity or diagnosability is the measure of information flow security after implementing security policies in the systems. 24,25,46 Information on choosing and defining security metrics can be found in previous publications. 45,47 Steps 2, 3, and 4 can be executed concurrently, because one step can assist the others.…”

mentioning

confidence: 99%

See 2 more Smart Citations

A methodology for cost‐benefit analysis of information security technologies

Zeng

2018

Concurrency and Computation

Self Cite

View full text Add to dashboard Cite

Summary Although information security technologies (such as digital rights management products) have been proven effective and successful in protecting the confidentiality of sensitive information by providing access control, these technologies have not been widely adopted and used to their potential. One reason for this could be that cost and benefit of these products have not been analyzed in a systematic and quantitative manner to date. As a result, companies do not have an established procedure to evaluate the cost and benefit of implementing these products. In this document, the benefits of implementing a digital rights management product in enterprises are quantified using stochastic Petri nets models and are compared with the security needs of a corporation and potential costs incurred by the implementation process. An evaluating procedure for implementing these products is established. This procedure has the potential to be used to improve the ability of a corporation to make sensible security investment decisions.

show abstract

Section: Methodsmentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

A methodology for cost‐benefit analysis of information security technologies

Zeng

2018

Concurrency and Computation

Self Cite

View full text Add to dashboard Cite

show abstract

“…The model introduced in this section resembles Petri net models proposed in [31], [32] which incorporated the Bell-Lapadula rules in cloud computing systems. 1.…”

Section: Definition 4 (Pifm)mentioning

confidence: 99%

Quantitative Analysis of Opacity in Cloud Computing Systems

Zeng

Koutny

2021

IEEE Trans. Cloud Comput.

Self Cite

View full text Add to dashboard Cite

Federated cloud systems increase the reliability and reduce the cost of the computational support. The resulting combination of secure private clouds and less secure public clouds, together with the fact that resources need to be located within different clouds, strongly affects the information flow security of the entire system. In this paper, the clouds as well as entities of a federated cloud system are assigned security levels, and a probabilistic flow sensitive security model for a federated cloud system is proposed. Then the notion of opacity -a notion capturing the security of information flow -of a cloud computing systems is introduced, and different variants of quantitative analysis of opacity are presented. As a result, one can track the information flow in a cloud system, and analyze the impact of different resource allocation strategies by quantifying the corresponding opacity characteristics.

show abstract

“…Some other works about formal semantic analysis of cloud computing are proposed. 50,51 Ghosh et al 50 develop a scalable stochastic analytic model for the performance quantification of Infrastructure-as-a-Service cloud. In contrast, we have proposed a method to address the reliability, running time, and failure processing of resource scheduling in cloud computing.…”

Section: Related Workmentioning

confidence: 99%

Formally modeling and analyzing cost‐aware job scheduling for cloud data center

Fan

Chen

et al. 2018

Softw Pract Exp

View full text Add to dashboard Cite

Summary With the rapid development of cloud computing, many distributed data centers have been deployed. This means larger energy consumption requirements from the data center. How to reduce the cost of data center has received significant attention recently. Although there are several efforts in studying energy consumption of the data center, very few have considered modeling and analyzing cost‐aware job scheduling for the cloud data center. To address this emerging problem, we propose a systematic approach that considers both basic elements and their relationships in cloud data center. First, we present a formal language to describe the cloud data center, and a job scheduling net is proposed to formally model the basic elements such as user request, Web portal, data center, and server. Second, we minimize the total cost of the cloud data center by considering the multidimensional resource and local electricity price on the basis of the state space of constructed model. The dynamic job scheduling algorithm and its specific execution steps are proposed based on the alternating direction method of multipliers algorithm. Third, the operational semantics and related theories of Petri nets for establishing the correctness of our proposed method are presented. Finally, a series of simulations are performed to illustrate that the proposed method can guarantee the correct behavior of job scheduling in the cloud data center while meeting the required cost.

show abstract

Formal verification of secure information flow in cloud computing

Cited by 15 publications

References 20 publications

A methodology for cost‐benefit analysis of information security technologies

A methodology for cost‐benefit analysis of information security technologies

Quantitative Analysis of Opacity in Cloud Computing Systems

Formally modeling and analyzing cost‐aware job scheduling for cloud data center

Contact Info

Product

Resources

About